diff options
Diffstat (limited to 'modules/private/system/backup-2.nix')
-rw-r--r-- | modules/private/system/backup-2.nix | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/modules/private/system/backup-2.nix b/modules/private/system/backup-2.nix index ede5bc2..1d84667 100644 --- a/modules/private/system/backup-2.nix +++ b/modules/private/system/backup-2.nix | |||
@@ -1,9 +1,8 @@ | |||
1 | { privateFiles }: | 1 | { privateFiles }: |
2 | { config, pkgs, resources, name, ... }: | 2 | { config, pkgs, resources, ... }: |
3 | { | 3 | { |
4 | boot.kernelPackages = pkgs.linuxPackages_latest; | 4 | boot.kernelPackages = pkgs.linuxPackages_latest; |
5 | myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; | 5 | myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; |
6 | hostEnv.FQDN = "backup-2.v.immae.eu"; | ||
7 | 6 | ||
8 | imports = builtins.attrValues (import ../..); | 7 | imports = builtins.attrValues (import ../..); |
9 | 8 | ||
@@ -28,13 +27,22 @@ | |||
28 | firewall.enable = true; | 27 | firewall.enable = true; |
29 | interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList | 28 | interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList |
30 | (n: ips: { address = ips.ip4; prefixLength = 32; }) | 29 | (n: ips: { address = ips.ip4; prefixLength = 32; }) |
31 | (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.backup-2.ips); | 30 | (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips); |
32 | interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList | 31 | interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList |
33 | (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or [])) | 32 | (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or [])) |
34 | config.myEnv.servers.backup-2.ips); | 33 | config.hostEnv.ips); |
35 | defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; | 34 | defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; |
36 | }; | 35 | }; |
37 | 36 | ||
37 | myServices.certificates.enable = true; | ||
38 | services.nginx = { | ||
39 | enable = true; | ||
40 | recommendedOptimisation = true; | ||
41 | recommendedGzipSettings = true; | ||
42 | recommendedProxySettings = true; | ||
43 | }; | ||
44 | networking.firewall.allowedTCPPorts = [ 80 443 ]; | ||
45 | |||
38 | services.cron = { | 46 | services.cron = { |
39 | mailto = "cron@immae.eu"; | 47 | mailto = "cron@immae.eu"; |
40 | enable = true; | 48 | enable = true; |
@@ -49,6 +57,7 @@ | |||
49 | }; | 57 | }; |
50 | 58 | ||
51 | myServices.mailRelay.enable = true; | 59 | myServices.mailRelay.enable = true; |
60 | myServices.mailBackup.enable = true; | ||
52 | myServices.monitoring.enable = true; | 61 | myServices.monitoring.enable = true; |
53 | myServices.databasesReplication = { | 62 | myServices.databasesReplication = { |
54 | postgresql = { | 63 | postgresql = { |
@@ -57,7 +66,7 @@ | |||
57 | hosts = { | 66 | hosts = { |
58 | eldiron = { | 67 | eldiron = { |
59 | slot = "backup_2"; | 68 | slot = "backup_2"; |
60 | connection = "postgresql://backup-2:${config.myEnv.servers.backup-2.ldap.password}@eldiron.immae.eu"; | 69 | connection = "postgresql://backup-2:${config.hostEnv.ldap.password}@eldiron.immae.eu"; |
61 | }; | 70 | }; |
62 | }; | 71 | }; |
63 | }; | 72 | }; |
@@ -71,7 +80,7 @@ | |||
71 | host = config.myEnv.servers.eldiron.ips.main.ip4; | 80 | host = config.myEnv.servers.eldiron.ips.main.ip4; |
72 | port = "3306"; | 81 | port = "3306"; |
73 | user = "backup-2"; | 82 | user = "backup-2"; |
74 | password = config.myEnv.servers.backup-2.ldap.password; | 83 | password = config.hostEnv.ldap.password; |
75 | dumpUser = "root"; | 84 | dumpUser = "root"; |
76 | dumpPassword = config.myEnv.databases.mysql.systemUsers.root; | 85 | dumpPassword = config.myEnv.databases.mysql.systemUsers.root; |
77 | }; | 86 | }; |